| Summary: | In order to evaluate the effectiveness of information security management and the risks associated with its use, in computer networks, at the Santa Elena Peninsula State University, the implementation of a model that establishes the goals to be achieved to advance was proposed, through the different levels that make up the rating scale. The model is formalized with the main standards, recommendations and existing regulations, both at an international and national level, on information security management and offers a comprehensive vision of information security controls, considering all the automated controls and not automatable and defines the actions to be carried out in each of the cases. The model does not constitute a new proposal of controls and management processes, but rather provides an automation, integration and synthesis approach to existing proposals, to reduce the complexity of management and increase the effectiveness of information security controls in computer networks.
|
|---|
